Online detection of fake access points using received signal strengths

Taebeom Kim, Haemin Park, Hyunchul Jung, Heejo Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Citations (Scopus)

Abstract

Wireless access points (APs) are widely used for the convenience and productivity of smartphone users. The growing popularity of wireless local area networks (WLANs) increases the risk of wireless security attacks. A fake AP can be set in any public space in order to impersonate legitimate APs for monetization. Existing fake AP detection methods analyze wireless traffic by using extra devices, and the traffic is collected by servers. However, using these server-side methods is costly and only provide secure communication, in limited places, of clients' devices. Recently, several fake AP detection methods have been designed in order to overcome the server-side problems in a client-side. However, there are two limitations to the client-side methods: cumbersome processes and limited resources. When the methods attempt to collect data, calculating interval time incurs time-consuming processes to detect fake characteristics in the client-side. Moreover, the operating systems in smartphones provide limited resources that can hardly be adopted in the client-side. In this paper, we propose a novel fake AP detection method to solve the aforementioned problems in the client-side. The method leverages received signal strengths (RSSs) and online detection algorithm. Our method collects RSSs from nearby APs and normalizes them for accurate measurement. We measure the similarity of normalized RSSs. If the similarity between normalized RSSs is less than the fixed threshold value, we determine that the RSSs are generated from a fake device. We can measure the optimal threshold value derived from the sequential hypothesis testing. In our experiment, when the fixed threshold value was 2, the true positive was over than 99% and the false positive was less than 0.1% in three observations.

Original languageEnglish
Title of host publicationIEEE Vehicular Technology Conference
DOIs
Publication statusPublished - 2012 Aug 20
EventIEEE 75th Vehicular Technology Conference, VTC Spring 2012 - Yokohama, Japan
Duration: 2012 May 62012 Jun 9

Other

OtherIEEE 75th Vehicular Technology Conference, VTC Spring 2012
CountryJapan
CityYokohama
Period12/5/612/6/9

Fingerprint

Received Signal Strength
Servers
Smartphones
Threshold Value
Wireless local area networks (WLAN)
Telecommunication traffic
Server
Productivity
Traffic
Testing
Sequential Testing
Wireless Local Area Network (WLAN)
Normalize
Resources
Secure Communication
Hypothesis Testing
Experiments
False Positive
Operating Systems
Leverage

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Science Applications
  • Applied Mathematics

Cite this

Kim, T., Park, H., Jung, H., & Lee, H. (2012). Online detection of fake access points using received signal strengths. In IEEE Vehicular Technology Conference [6240312] https://doi.org/10.1109/VETECS.2012.6240312

Online detection of fake access points using received signal strengths. / Kim, Taebeom; Park, Haemin; Jung, Hyunchul; Lee, Heejo.

IEEE Vehicular Technology Conference. 2012. 6240312.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, T, Park, H, Jung, H & Lee, H 2012, Online detection of fake access points using received signal strengths. in IEEE Vehicular Technology Conference., 6240312, IEEE 75th Vehicular Technology Conference, VTC Spring 2012, Yokohama, Japan, 12/5/6. https://doi.org/10.1109/VETECS.2012.6240312
Kim T, Park H, Jung H, Lee H. Online detection of fake access points using received signal strengths. In IEEE Vehicular Technology Conference. 2012. 6240312 https://doi.org/10.1109/VETECS.2012.6240312
Kim, Taebeom ; Park, Haemin ; Jung, Hyunchul ; Lee, Heejo. / Online detection of fake access points using received signal strengths. IEEE Vehicular Technology Conference. 2012.
@inproceedings{95cc1e2c90e249bf9eefd5bb6234f363,
title = "Online detection of fake access points using received signal strengths",
abstract = "Wireless access points (APs) are widely used for the convenience and productivity of smartphone users. The growing popularity of wireless local area networks (WLANs) increases the risk of wireless security attacks. A fake AP can be set in any public space in order to impersonate legitimate APs for monetization. Existing fake AP detection methods analyze wireless traffic by using extra devices, and the traffic is collected by servers. However, using these server-side methods is costly and only provide secure communication, in limited places, of clients' devices. Recently, several fake AP detection methods have been designed in order to overcome the server-side problems in a client-side. However, there are two limitations to the client-side methods: cumbersome processes and limited resources. When the methods attempt to collect data, calculating interval time incurs time-consuming processes to detect fake characteristics in the client-side. Moreover, the operating systems in smartphones provide limited resources that can hardly be adopted in the client-side. In this paper, we propose a novel fake AP detection method to solve the aforementioned problems in the client-side. The method leverages received signal strengths (RSSs) and online detection algorithm. Our method collects RSSs from nearby APs and normalizes them for accurate measurement. We measure the similarity of normalized RSSs. If the similarity between normalized RSSs is less than the fixed threshold value, we determine that the RSSs are generated from a fake device. We can measure the optimal threshold value derived from the sequential hypothesis testing. In our experiment, when the fixed threshold value was 2, the true positive was over than 99{\%} and the false positive was less than 0.1{\%} in three observations.",
author = "Taebeom Kim and Haemin Park and Hyunchul Jung and Heejo Lee",
year = "2012",
month = "8",
day = "20",
doi = "10.1109/VETECS.2012.6240312",
language = "English",
isbn = "9781467309905",
booktitle = "IEEE Vehicular Technology Conference",

}

TY - GEN

T1 - Online detection of fake access points using received signal strengths

AU - Kim, Taebeom

AU - Park, Haemin

AU - Jung, Hyunchul

AU - Lee, Heejo

PY - 2012/8/20

Y1 - 2012/8/20

N2 - Wireless access points (APs) are widely used for the convenience and productivity of smartphone users. The growing popularity of wireless local area networks (WLANs) increases the risk of wireless security attacks. A fake AP can be set in any public space in order to impersonate legitimate APs for monetization. Existing fake AP detection methods analyze wireless traffic by using extra devices, and the traffic is collected by servers. However, using these server-side methods is costly and only provide secure communication, in limited places, of clients' devices. Recently, several fake AP detection methods have been designed in order to overcome the server-side problems in a client-side. However, there are two limitations to the client-side methods: cumbersome processes and limited resources. When the methods attempt to collect data, calculating interval time incurs time-consuming processes to detect fake characteristics in the client-side. Moreover, the operating systems in smartphones provide limited resources that can hardly be adopted in the client-side. In this paper, we propose a novel fake AP detection method to solve the aforementioned problems in the client-side. The method leverages received signal strengths (RSSs) and online detection algorithm. Our method collects RSSs from nearby APs and normalizes them for accurate measurement. We measure the similarity of normalized RSSs. If the similarity between normalized RSSs is less than the fixed threshold value, we determine that the RSSs are generated from a fake device. We can measure the optimal threshold value derived from the sequential hypothesis testing. In our experiment, when the fixed threshold value was 2, the true positive was over than 99% and the false positive was less than 0.1% in three observations.

AB - Wireless access points (APs) are widely used for the convenience and productivity of smartphone users. The growing popularity of wireless local area networks (WLANs) increases the risk of wireless security attacks. A fake AP can be set in any public space in order to impersonate legitimate APs for monetization. Existing fake AP detection methods analyze wireless traffic by using extra devices, and the traffic is collected by servers. However, using these server-side methods is costly and only provide secure communication, in limited places, of clients' devices. Recently, several fake AP detection methods have been designed in order to overcome the server-side problems in a client-side. However, there are two limitations to the client-side methods: cumbersome processes and limited resources. When the methods attempt to collect data, calculating interval time incurs time-consuming processes to detect fake characteristics in the client-side. Moreover, the operating systems in smartphones provide limited resources that can hardly be adopted in the client-side. In this paper, we propose a novel fake AP detection method to solve the aforementioned problems in the client-side. The method leverages received signal strengths (RSSs) and online detection algorithm. Our method collects RSSs from nearby APs and normalizes them for accurate measurement. We measure the similarity of normalized RSSs. If the similarity between normalized RSSs is less than the fixed threshold value, we determine that the RSSs are generated from a fake device. We can measure the optimal threshold value derived from the sequential hypothesis testing. In our experiment, when the fixed threshold value was 2, the true positive was over than 99% and the false positive was less than 0.1% in three observations.

UR - http://www.scopus.com/inward/record.url?scp=84865046758&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84865046758&partnerID=8YFLogxK

U2 - 10.1109/VETECS.2012.6240312

DO - 10.1109/VETECS.2012.6240312

M3 - Conference contribution

AN - SCOPUS:84865046758

SN - 9781467309905

BT - IEEE Vehicular Technology Conference

ER -